Vulnerabilities > Suse > Suse Linux Enterprise Desktop

DATE CVE VULNERABILITY TITLE RISK
2018-01-04 CVE-2017-5753 Information Exposure Through Discrepancy vulnerability in multiple products
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
4.7
2015-10-19 CVE-2015-5707 Integer Overflow or Wraparound vulnerability in Linux Kernel
Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.
local
low complexity
linux canonical debian suse CWE-190
4.6
2015-04-28 CVE-2015-3340 Information Exposure vulnerability in multiple products
Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.
2.9
2015-04-16 CVE-2015-0500 Remote Security vulnerability in Oracle MySQL Server
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
network
low complexity
oracle suse
4.0
2015-04-16 CVE-2015-0491 Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459.
network
low complexity
oracle suse opensuse
critical
10.0
2015-04-14 CVE-2015-3042 Memory Corruption vulnerability in Adobe Flash Player
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3043.
network
low complexity
adobe linux apple microsoft opensuse suse redhat
critical
10.0
2015-04-14 CVE-2015-3041 Memory Corruption vulnerability in Adobe Flash Player
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3042, and CVE-2015-3043.
network
low complexity
adobe linux redhat apple microsoft opensuse suse
critical
10.0
2015-04-14 CVE-2015-3040 Information Exposure vulnerability in multiple products
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-0357.
5.0
2015-04-14 CVE-2015-3039 Remote Code Execution vulnerability in Adobe Flash Player APSB15-06
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-0358.
network
low complexity
redhat adobe linux opensuse suse apple microsoft
critical
10.0
2015-04-14 CVE-2015-3038 Memory Corruption vulnerability in Adobe Flash Player
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
network
low complexity
adobe linux apple microsoft redhat opensuse suse
critical
10.0